def full_url_for(endpoint, **values): ref_url = url_parse(get('locations')['base_url']) url = url_for(endpoint, _scheme=ref_url.scheme, _external=True, **values) url_ = url_parse(url) new = url_unparse( (ref_url.scheme, url_.netloc, url_.path, url_.query, url_.fragment)) return new
def verify_signed_user_url(url, method): """Verify a signed URL and extract the associated user. :param url: the full relative URL of the request, including the query string :param method: the HTTP method of the request :return: the user associated with the signed link or `None` if no token was provided :raise Forbidden: if a token is present but invalid """ from indico.modules.users import User parsed = url_parse(url) params = url_decode(parsed.query) try: user_id, signature = params.pop('user_token').split('_', 1) user_id = int(user_id) except KeyError: return None except ValueError: raise BadRequest(_('The persistent link you used is invalid.')) url = url_unparse( ('', '', parsed.path, url_encode(params, sort=False), parsed.fragment)) user = User.get(user_id) if not user: raise BadRequest(_('The persistent link you used is invalid.')) signer = _get_user_url_signer(user) signature_data = f'{method}:{user.id}:{url}' if not signer.verify_signature(signature_data.encode(), signature): raise BadRequest(_('The persistent link you used is invalid.')) return user
def parse_redirect(self, location, parse_fragment=False): from werkzeug.urls import url_parse, url_decode, url_unparse scheme, netloc, script_root, qs, anchor = url_parse(location) return ( url_unparse((scheme, netloc, script_root, '', '')), url_decode(anchor if parse_fragment else qs) )
def resolve_redirect(self, response, new_location, environ, buffered=False): """Resolves a single redirect and triggers the request again directly on this redirect client. """ scheme, netloc, script_root, qs, anchor = url_parse(new_location) base_url = url_unparse((scheme, netloc, "", "", "")).rstrip("/") + "/" cur_server_name = netloc.split(":", 1)[0].split(".") real_server_name = get_host(environ).rsplit(":", 1)[0].split(".") if self.allow_subdomain_redirects: allowed = cur_server_name[-len(real_server_name) :] == real_server_name else: allowed = cur_server_name == real_server_name if not allowed: raise RuntimeError("%r does not support redirect to " "external targets" % self.__class__) # For redirect handling we temporarily disable the response # wrapper. This is not threadsafe but not a real concern # since the test client must not be shared anyways. old_response_wrapper = self.response_wrapper self.response_wrapper = None try: return self.open(path=script_root, base_url=base_url, query_string=qs, as_tuple=True, buffered=buffered) finally: self.response_wrapper = old_response_wrapper
def resolve_redirect(self, response, new_location, environ, buffered=False): """Resolves a single redirect and triggers the request again directly on this redirect client. """ scheme, netloc, script_root, qs, anchor = url_parse(new_location) base_url = url_unparse((scheme, netloc, '', '', '')).rstrip('/') + '/' cur_server_name = netloc.split(':', 1)[0].split('.') real_server_name = get_host(environ).rsplit(':', 1)[0].split('.') if self.allow_subdomain_redirects: allowed = cur_server_name[-len(real_server_name):] == real_server_name else: allowed = cur_server_name == real_server_name if not allowed: raise RuntimeError('%r does not support redirect to ' 'external targets' % self.__class__) # For redirect handling we temporarily disable the response # wrapper. This is not threadsafe but not a real concern # since the test client must not be shared anyways. old_response_wrapper = self.response_wrapper self.response_wrapper = None try: return self.open(path=script_root, base_url=base_url, query_string=qs, as_tuple=True, buffered=buffered) finally: self.response_wrapper = old_response_wrapper
def render_template(template_file_name, **kwargs): if app is None: raise RuntimeError("No web application registered with mailer") template = get_jinja_environment().get_template(template_file_name) base_url = url_unparse(("https" if config.web_https else "http", config.web_public_host, "/", "", "")) with app.test_request_context(base_url=base_url): return template.render(**kwargs)
def _rebuild(self): base = url_parse(self._absolute_url) params = base.decode_query() for key, value in self._params.iteritems(): if isinstance(value, (list, tuple)): params.setlist(key, value) else: params[key] = value self._url = url_unparse(base._replace(query=url_encode(params), fragment=self.fragment))
def url_for_page(page: int, page_size: int) -> str: """Build an URL to for a search result page.""" rule = request.url_rule parts = url_parse(url_for(rule.endpoint)) args = request.args.copy() args['start'] = (page - 1) * page_size parts = parts.replace(query=url_encode(args)) url: str = url_unparse(parts) return url
def _post(self, translated_resource: dict, url: str, **kwargs): """Sends the resource to an agent or itself""" if self.config['BASE_URL_FOR_AGENTS'] in url: # We submit the resource to ourselves url = url_parse(url) # We need to remove the base path absolute_path_ref = url_unparse(URL('', '', url.path, url.query, url.fragment)) response = self._post_internal(translated_resource, absolute_path_ref) else: response = self._post_external(translated_resource, url, **kwargs) return response
def _url_for(endpoint, **values): url = url_for(endpoint, **values) if endpoint == 'static': # noinspection PyProtectedMember components = url_parse(url)._replace( scheme=current_app.config['CDN_SCHEME'], netloc=current_app.config['CDN_DOMAIN'], ) url = url_unparse(components) return url
def url_for_author_search(forename: str, surname: str) -> str: parts = url_parse(url_for('ui.search')) forename_part = ' '.join([part[0] for part in forename.split()]) name = f'{surname}, {forename_part}' if forename_part else surname parts = parts.replace(query=url_encode({ 'searchtype': 'author', 'query': name })) url: str = url_unparse(parts) return url
def current_url_sans_parameters(*params_to_remove: str) -> str: """Get the current URL with ``param`` removed from GET parameters.""" rule = request.url_rule parts = url_parse(url_for(rule.endpoint)) args = request.args.copy() for param in params_to_remove: args.pop(param, None) parts = parts.replace(query=url_encode(args)) url: str = url_unparse(parts) return url
def _on_change_with_urladdr(self): # Generates the URL to be used in OpenStreetMap # If latitude and longitude are known, use them. # Otherwise, use street, municipality, city, and so on. parts = OrderedDict() parts['scheme'] = 'http' parts['netloc'] = '' parts['path'] = '' parts['params'] = '' parts['query'] = '' parts['fragment'] = '' if (self.latitude and self.longitude): parts['netloc'] = 'openstreetmap.org' parts['path'] = '/' parts['query'] = url_encode({ 'mlat': self.latitude, 'mlon': self.longitude }) else: state = country = postalcode = city = municipality = street = \ number = '' if self.address_street_number is not None: number = str(self.address_street_number) if self.address_street: street = self.address_street if self.address_municipality: municipality = self.address_municipality if self.address_city: city = self.address_city if self.address_zip: postalcode = self.address_zip if self.address_subdivision: state = self.address_subdivision.name if self.address_country: country = self.address_country.code parts['netloc'] = 'nominatim.openstreetmap.org' parts['path'] = 'search' parts['query'] = url_encode({ 'street': ' '.join([number, street]).strip(), 'county': municipality, 'city': city, 'state': state, 'postalcode': postalcode, 'country': country }) return urls.url_unparse(list(parts.values()))
def adjust_url_for_https(app, url=None): if url: url_ = url_parse(url) ref_url = url_parse(get('locations')['base_url']) new = url_unparse((ref_url.scheme, url_.netloc or ref_url.netloc, path_for_app(app, url_.path), url_.query, url_.fragment)) else: new = full_url_for_app(app, 'index') return new
def _post(self, translated_resource: dict, url: str, **kwargs): """Sends the resource to an agent or itself""" if self.config[ 'BASE_URL_FOR_AGENTS'] in url: # We submit the resource to ourselves url = url_parse(url) # We need to remove the base path absolute_path_ref = url_unparse( URL('', '', url.path, url.query, url.fragment)) response = self._post_internal(translated_resource, absolute_path_ref) else: response = self._post_external(translated_resource, url, **kwargs) return response
def make_github_link(app, path, line=None, mode="blob"): config = app.config urlpath = "/{user}/{project}/{mode}/{branch}/{path}".format( user=config.github_user, project=config.github_project, branch=config.version or 'master', path=path, mode=mode, ) return urls.url_unparse(('https', 'github.com', urlpath, '', '' if line is None else 'L%d' % line))
def url_without_trailing_slash(s, _external=False, **values): """ Generate url for an endpoint without trailing slash. """ ourl = url_for(s, _external=_external, **values) ourl_parts = list(url_parse(ourl)) if ourl_parts[2].endswith('/'): ourl_parts[2] = ourl_parts[2][:-1] nurl = url_unparse(tuple(ourl_parts)) return nurl
def resolve_redirect(self, response, new_location, environ, buffered=False): """Resolves a single redirect and triggers the request again directly on this redirect client. """ scheme, netloc, script_root, qs, anchor = url_parse(new_location) base_url = url_unparse((scheme, netloc, "", "", "")).rstrip("/") + "/" cur_server_name = netloc.split(":", 1)[0].split(".") real_server_name = get_host(environ).rsplit(":", 1)[0].split(".") if cur_server_name == [""]: # this is a local redirect having autocorrect_location_header=False cur_server_name = real_server_name base_url = EnvironBuilder(environ).base_url if self.allow_subdomain_redirects: allowed = cur_server_name[-len(real_server_name ):] == real_server_name else: allowed = cur_server_name == real_server_name if not allowed: raise RuntimeError("%r does not support redirect to " "external targets" % self.__class__) status_code = int(response[1].split(None, 1)[0]) if status_code == 307: method = environ["REQUEST_METHOD"] else: method = "GET" # For redirect handling we temporarily disable the response # wrapper. This is not threadsafe but not a real concern # since the test client must not be shared anyways. old_response_wrapper = self.response_wrapper self.response_wrapper = None try: return self.open( path=script_root, base_url=base_url, query_string=qs, as_tuple=True, buffered=buffered, method=method, ) finally: self.response_wrapper = old_response_wrapper
def is_signed_url_valid(user, url): """Check whether a signed URL is valid according to the user's signing secret.""" parsed = url_parse(url) params = url_decode(parsed.query) try: signature = params.pop('token') except KeyError: return False url = url_unparse( ('', '', parsed.path, url_encode(sorted(params.items()), sort=True), parsed.fragment)) signer = Signer(user.signing_secret, salt='url-signing') return signer.verify_signature(url, signature)
def make_github_link(app, path, line=None, mode="blob"): config = app.config urlpath = "/{user}/{project}/{mode}/{branch}/{path}".format( user=config.github_user, project=config.github_project, branch=config.version or 'master', path=path, mode=mode, ) return urls.url_unparse(( 'https', 'github.com', urlpath, '', '' if line is None else 'L%d' % line ))
def url_for_author_search(forename: str, surname: str) -> str: # If we are in an archive-specific context, we want to preserve that # when generating URLs for author queries in search results. archives = request.view_args.get('archives') if archives: target = url_for('ui.search', archives=archives) else: target = url_for('ui.search') parts = url_parse(target) forename_part = ' '.join([part[0] for part in forename.split()]) name = f'{surname}, {forename_part}' if forename_part else surname parts = parts.replace(query=url_encode({ 'searchtype': 'author', 'query': name })) url: str = url_unparse(parts) return url
def is_legacy_signed_url_valid(user, url): """Check whether a legacy signed URL is valid for a user. This util is deprecated and only exists because people may be actively using URLs using the old style token. Any new code should use the new :func:`signed_url_for_user` and :func:`verify_signed_user_url` utils which encode the user id within the signature. """ parsed = url_parse(url) params = url_decode(parsed.query) try: signature = params.pop('token') except KeyError: return False url = url_unparse( ('', '', parsed.path, url_encode(params, sort=False), parsed.fragment)) signer = Signer(user.signing_secret, salt='url-signing') return signer.verify_signature(url.encode(), signature)
def resolve_redirect(self, response, new_location, environ, buffered=False): """Resolves a single redirect and triggers the request again directly on this redirect client. """ scheme, netloc, script_root, qs, anchor = url_parse(new_location) base_url = url_unparse((scheme, netloc, '', '', '')).rstrip('/') + '/' cur_server_name = netloc.split(':', 1)[0].split('.') real_server_name = get_host(environ).rsplit(':', 1)[0].split('.') if cur_server_name == ['']: # this is a local redirect having autocorrect_location_header=False cur_server_name = real_server_name base_url = EnvironBuilder(environ).base_url if self.allow_subdomain_redirects: allowed = cur_server_name[-len(real_server_name):] == real_server_name else: allowed = cur_server_name == real_server_name if not allowed: raise RuntimeError('%r does not support redirect to ' 'external targets' % self.__class__) status_code = int(response[1].split(None, 1)[0]) if status_code == 307: method = environ['REQUEST_METHOD'] else: method = 'GET' # For redirect handling we temporarily disable the response # wrapper. This is not threadsafe but not a real concern # since the test client must not be shared anyways. old_response_wrapper = self.response_wrapper self.response_wrapper = None try: return self.open(path=script_root, base_url=base_url, query_string=qs, as_tuple=True, buffered=buffered, method=method) finally: self.response_wrapper = old_response_wrapper
def parse_redirect(location, parse_fragment=False): scheme, netloc, script_root, qs, anchor = url_parse(location) return ( url_unparse((scheme, netloc, script_root, '', '')), url_decode(anchor if parse_fragment else qs) )
def _get_base_url(self): return url_unparse((self.url_scheme, self.host, self.script_root, '', '')).rstrip('/') + '/'
def url_with_params(name: str, values: dict, params: dict) -> str: """Build a URL for ``name`` with path ``values`` and GET ``params``.""" parts = url_parse(url_for(name, **values)) parts = parts.replace(query=url_encode(params)) url: str = url_unparse(parts) return url
def _get_base_url(self): return url_unparse((self.url_scheme, self.host, self.script_root, "", "")).rstrip("/") + "/"
def redirect_to_login(*args, **kwargs): """Send the user to log in, with a pointer back to the current URL.""" query = url_encode({'next_page': request.url}) parts = url_parse(url_for('login')).replace(query=query) return redirect(url_unparse(parts))
def _make_base_url(scheme, host, script_root): return url_unparse( (scheme, host, script_root, "", "")).rstrip("/") + "/"
def _get_base_url(self): return (url_unparse( (self.url_scheme, self.host, self.script_root, "", "")).rstrip("/") + "/")